tobinbradley/dirt-simple-postgis-http-api

Whitelist specific tables

Closed this issue · 4 comments

I'm using Dirt on top of a database where some tables may contain sensitive information, so I don't want to expose them via the API. @tobinbradley do you have any suggestions for what to do in that scenario? Realizing this might be out of scope for a dirt-simple server, but thought I'd ask just in case 😄

Not bulletproof per se, but I was thinking about adding a config option to my fork to disable /list_tables — not sure if that's something you'd be open to a PR on.

/list_tables will only expose the table names - the dirt login still needs SELECT rights to the tables to see any of the sensitive information contained within. But I can understand why you'd want to hide the table names too.

white/black lists as part of the API seem like a foot gun to me - seems better to enforce that as role permissions in the database. There might be a way to only list the tables that the dirt login has SELECT rights to. I'll fiddle with it.

I changed list_tables to only show tables/views the dirt login has SELECT rights to. So it essentially works like I think you were hoping for but it's managed on the Postgres end. Give it a whirl and see if it works for you.

Awesome, thanks @tobinbradley! I realized after opening this issue I could set some hard constraints with grant select on, but I like the idea of handling it gracefully in /list_tables. I'll try it out!

This is working great on my end — thanks for the helpful changes @tobinbradley!
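The approach discussed in this thread (allow-list tables through Postgres role permissions, and list only what the API login can SELECT), as an added example that is not the project's own code or its actual /list_tables query. The role `dirt_api` and the tables `public.parks` and `public.customer_accounts` are hypothetical names.

```sql
-- Added example; role and table names are hypothetical.

-- 1. Dedicated non-superuser, non-owner login for the API.
--    Superusers and table owners pass every privilege check, so the
--    filter below hides nothing from them.
CREATE ROLE dirt_api LOGIN PASSWORD 'change-me';  -- placeholder secret

-- 2. Clear existing grants, then allow-list only what should be public.
REVOKE ALL ON ALL TABLES IN SCHEMA public FROM dirt_api;
GRANT USAGE ON SCHEMA public TO dirt_api;
GRANT SELECT ON public.parks TO dirt_api;

-- 3. Grants made to PUBLIC apply to every role, dirt_api included.
--    Revoke them on anything sensitive.
REVOKE ALL ON public.customer_accounts FROM PUBLIC;

-- 4. Check what the API login can see by running the listing as that role.
SET ROLE dirt_api;

SELECT n.nspname AS table_schema,
       c.relname AS table_name,
       c.relkind                      -- r=table, v=view, m=matview,
                                      -- p=partitioned, f=foreign
FROM pg_catalog.pg_class c
JOIN pg_catalog.pg_namespace n ON n.oid = c.relnamespace
WHERE c.relkind IN ('r', 'v', 'm', 'p', 'f')
  AND n.nspname NOT IN ('pg_catalog', 'information_schema')
  AND has_schema_privilege(n.oid, 'USAGE')   -- checked for current user
  AND has_table_privilege(c.oid, 'SELECT')   -- includes PUBLIC and
                                             -- inherited role grants
ORDER BY 1, 2;

RESET ROLE;

-- 5. Negative check: this should return false for the sensitive table.
SELECT has_table_privilege('dirt_api',
                           'public.customer_accounts',
                           'SELECT') AS api_can_read_sensitive;
```

Run steps 4 and 5 again after any schema migration, since a later `GRANT ... TO PUBLIC` or a change of table ownership would widen what the API login can read and list.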